Zero-day vulnerability discovered within Apple iOS

The zero-day vulnerability discovered within Apple’s iOS has sparked up in the news recently. Guillaume Ross, Senior Security Consultant from Rapid7, has commented.

Though Apple iOS enjoys a well-deserved reputation for being an operating system in which security is a priority, vulnerabilities are found and will keep being found within the system. How difficult it is to break into iOS should keep increasing as additional hardening techniques are built into the OS, however, as evidenced by these recently discovered vulnerabilities, this doesn’t prevent sophisticated attackers from working on new and improved techniques.

What makes this specific type of attack particularly sophisticated is in the amount of vulnerabilities that had to be chained to make it a seamless attack requiring very little user interaction. This attack basically exploits an issue in Safari, exploits the kernel to effectively jailbreak the phone, and then persists on to the device. Jailbreak software is regularly released publicly, and exploits such vulnerabilities, but with a major difference: this software exploits the iOS device locally, over USB or such an interface, and not simply by clicking a link, though that has also occurred in the past.

Detecting such an attack, for the user of an iOS device, would be extremely difficult after the fact. As seen in Citizen Lab’s report, discovery of this attack occurred as Ahmed Mansoor forwarded the link meant to exploit his device.

The issue was disclosed to Apple 10 days before the update was rolled out, according to Lookout, showing this vulnerability was treated as critical within Apple, who proceeded to the rapid deployment of the fix.

iOS 9.3.5 is already available, meaning the population of iOS users, using devices able to run iOS 9, are already able to obtain a fix, including devices as old as the iPhone 4s, released in 2011.

iOS 10, with additional hardening, is to be released in the next few weeks, and will probably achieve rapid adoption numbers. Between iOS 9.3.5, protecting devices now, and protecting a few models unable to obtain iOS 10 when it is released, and iOS 10, the overall amount of vulnerable devices should drop drastically in the next weeks and months.